vulnerability

Ubuntu: (Multiple Advisories) (CVE-2021-45868): Linux kernel (AWS) vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:N/A:P)	Mar 18, 2022	Apr 10, 2023	Apr 17, 2023

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

Mar 18, 2022

Added

Apr 10, 2023

Modified

Apr 17, 2023

Description

In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.

Solution(s)

ubuntu-upgrade-linux-image-4-4-0-1117-awsubuntu-upgrade-linux-image-4-4-0-1118-kvmubuntu-upgrade-linux-image-4-4-0-1155-awsubuntu-upgrade-linux-image-4-4-0-239-genericubuntu-upgrade-linux-image-4-4-0-239-lowlatencyubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-lts-xenialubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-lts-xenialubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-lts-xenial

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today